Lucene search
K

44 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-18133

Malicious code in bioql PyPI...

10CVSS9.1AI score0.03146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:25 a.m.4 views

CVE-2024-20418

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul URWB Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating...

10CVSS8.4AI score0.03146EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/26 12:0 a.m.3 views

Advantech EKI-6333AC-2G和Advantech EKI-6333AC-2GD 安全漏洞

The Advantech EKI-6333AC-2G and Advantech EKI-6333AC-2GD are both industrial-grade wireless access points APs from Advantech, China. A security vulnerability exists in the Advantech EKI-6333AC-2G version 1.6.3 and earlier, EKI-6333AC-2GD version v1.6.3 and earlier, and EKI-6333AC-1GPO version...

6.5CVSS6.8AI score0.00187EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/08 12:0 a.m.3 views

Cisco Unified Industrial Wireless Software Command Injection Vulnerability

Cisco Unified Industrial Wireless Software is a software provided by Cisco for industrial wireless networks. A command injection vulnerability exists in Cisco Unified Industrial Wireless Software. The vulnerability is caused due to improper validation of inputs to the web management interface of...

10CVSS7.8AI score0.03146EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/08 12:0 a.m.4 views

The vulnerability in the web interface of Cisco Unified Industrial Wireless network devices’ Cisco Ultra-Reliable Wireless Backhaul software allows a attacker to execute arbitrary code with root privileges.

The vulnerability of the Cisco Unified Industrial Wireless network device management web interface for Cisco Ultra-Reliable Wireless Backhaul URWB is related to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a...

10CVSS8.5AI score0.03146EPSS
Exploits0References2Affected Software3
The Hacker News
The Hacker News
added 2024/11/07 9:8 a.m.21 views

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems

Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul URWB Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked as CVE-2024-20418 CVS score: 10.0, the vulnerability...

10CVSS7.9AI score0.03146EPSS
Exploits0
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.2 views

Cisco Unified Industrial Wireless Software 命令注入漏洞

Cisco Unified Industrial Wireless Software is a software provided by Cisco for industrial wireless networks. A command injection vulnerability exists in Cisco Unified Industrial Wireless Software. The vulnerability is caused due to improper validation of inputs to the web management interface of...

10CVSS7.8AI score0.03146EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.4 views

PT-2024-7681

Name of the Vulnerable Software and Affected Versions: Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul URWB Access Points versions prior to 17.15.1 Catalyst IW9165D Heavy Duty Access Points versions prior to 17.15.1 Catalyst IW9165E Rugged Access Points and...

10CVSS9.7AI score0.03146EPSS
Exploits0References62
BDU FSTEC
BDU FSTEC
added 2024/08/26 12:0 a.m.6 views

The vulnerability of microprogrammed software in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters exists due to the presence of rigidly encrypted credentials in the application code. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

7.8CVSS5.5AI score0.00633EPSS
Exploits0References5Affected Software14
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.9 views

PT-2024-5759 · Vonets · Vonets Industrial Wifi Bridge Relays +1

Name of the Vulnerable Software and Affected Versions: Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters versions 3.3.23.6.9 and prior Description: The issue is related to stack-based buffer overflow vulnerabilities in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters...

10CVSS8.5AI score0.01114EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.4 views

The vulnerability of the httpd Manage_request function in the microprogramming-based industrial Wi-Fi routers Yifan YF325 allows a hacker to execute arbitrary code.

The vulnerability of the httpd nextpage function in the microprogramming-based industrial Wi-Fi routers Yifan YF325 relates to reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.3AI score0.00773EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.5 views

The vulnerability of the httpd next_page function in the microprogramming software of industrial Wi-Fi routers Yifan YF325 allows a hacker to execute arbitrary commands.

The vulnerability of the httpd nextpage function in the microprogramming-based industrial Wi-Fi routers Yifan YF325 relates to reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.3AI score0.01018EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.4 views

Honeywell OneWireless 访问控制错误漏洞

Honeywell OneWireless is an industrial wireless mesh network from Honeywell that can simultaneously support ISA100 Wireless IEC 62734, WirelessHART IEC 62591 field instruments transmitters, actuators, etc., Wi-Fi devices and Ethernet/IP-based devices. A security vulnerability exists in Honeywell...

7.5CVSS7.4AI score0.00527EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.4 views

Delta Electronics DVW-W02W2-E2 操作系统命令注入漏洞

Delta Electronics DVW-W02W2-E2 is an industrial wireless networking solution from Delta Electronics China. A security vulnerability exists in the Delta Electronics DVW-W02W2-E2 version 1.5.0.10, which originates from an attacker being able to implement command injection via a crafted URL...

8.8CVSS8AI score0.18158EPSS
Exploits1References3
Talos Blog
Talos Blog
added 2022/05/12 5:0 a.m.13 views

Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Francesco Benvenuto and Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker to escalate their privileges on the targeted device from a... This...

2.5AI score
Exploits0
0day.today
0day.today
added 2021/10/12 12:0 a.m.426 views

Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Exploit

Cypress Solutions CTM-200 wireless gateway version 2.7.1 suffers from an authenticated semi-blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'ctm-config-upgrade.sh' script leveraging the 'fwurl' POST...

0.2AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/10/10 12:0 a.m.403 views

Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root (Telnet/SSH)

Summary CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a Linux based platform powered by ARM Cortex-A8 800 MHz superscalar processor. Its on-board standard features make the CTM-200 ideal for mobile fleet applications or fixed site office and...

9.3CVSS7.3AI score0.00282EPSS
Exploits1
OSV
OSV
added 2021/06/25 7:15 p.m.5 views

CVE-2021-33535

In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iwconsole coniowritestr functionality. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can se...

8.8CVSS7.6AI score0.0161EPSS
Exploits0References1
OSV
OSV
added 2021/06/25 7:15 p.m.7 views

CVE-2021-33539

In Weidmueller Industrial WLAN devices in multiple versions an exploitable authentication bypass vulnerability exists in the hostname processing. A specially configured device hostname can cause the device to interpret selected remote traffic as local traffic, resulting in a bypass of web...

7.2CVSS7.1AI score0.01058EPSS
Exploits0References1
OSV
OSV
added 2021/06/25 7:15 p.m.6 views

CVE-2021-33537

In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iwwebs configuration parsing functionality. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An...

8.8CVSS7.9AI score0.0161EPSS
Exploits0References1
Rows per page
Query Builder